The Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations apply to individuals and organizations meeting the HIPAA definition of “Covered Entities.” These covered entities include group health plans, health care providers who conduct certain transactions electronically — including but not limited to transmissions of health care claims — health care payments, enrollment in a health plan and referral authorizations and health care clearinghouses. Although UNE does not primarily or solely engage in any of these activities, some units within the University perform functions that bring them within the definition of a covered entity under HIPAA.

UNE performs both non-covered and covered entity functions to carry out its educational mission by providing health care in different contexts. HIPAA allows an entity that engages in limited HIPAA covered functions, to designate itself as a hybrid entity. A hybrid entity is a single legal entity that performs both covered entity functions and non-covered entity functions. The HIPAA regulations and requirements only apply to the covered entity components.

UNE declares itself a hybrid entity and has designated the following UNE units as Covered Entity Components:

View the UNE Notice of Privacy Practice and HIPAA Policies and Procedures Manual.




HIPAA Privacy Officer

Bernice A. Mills, RDH, M.S.
Assistant Dean of Student and Clinical Affairs
(207) 221-4314

HIPAA Compliance Coordinator

Laura Cutter, M.Ed., M.P.H.
(207) 221-4616